Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BFFBA622B71111EDAE7B3819C4F9AE02.roa
File: BFFBA622B71111EDAE7B3819C4F9AE02.roa (raw, json)
Hash identifier: 5zG7hKg3XW29GMlMy2WVTrhbXTCv/lFayAsr3etbEro=
Subject key identifier: 31:95:3D:F1:28:B9:7D:35:BE:55:65:6E:5B:B8:BC:31:A7:C9:9C:6E
Certificate issuer: /CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Certificate serial: 1717
Authority key identifier: 0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BFFBA622B71111EDAE7B3819C4F9AE02.roa
Signing time: Tue 28 Feb 2023 03:23:58 +0000
ROA not before: Tue 28 Feb 2023 03:23:58 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9934
IP address blocks: 103.242.44.0/22 maxlen: 22
202.179.0.0/19 maxlen: 19
202.179.0.0/24 maxlen: 24
202.179.1.0/24 maxlen: 24
202.179.2.0/24 maxlen: 24
202.179.3.0/24 maxlen: 24
202.179.4.0/24 maxlen: 24
202.179.5.0/24 maxlen: 24
202.179.6.0/24 maxlen: 24
202.179.7.0/24 maxlen: 24
202.179.8.0/24 maxlen: 24
202.179.9.0/24 maxlen: 24
202.179.10.0/24 maxlen: 24
202.179.11.0/24 maxlen: 24
202.179.12.0/24 maxlen: 24
202.179.13.0/24 maxlen: 24
202.179.14.0/23 maxlen: 23
202.179.16.0/22 maxlen: 22
202.179.20.0/23 maxlen: 23
202.179.22.0/24 maxlen: 24
202.179.23.0/24 maxlen: 24
202.179.24.0/24 maxlen: 24
202.179.25.0/24 maxlen: 24
202.179.26.0/24 maxlen: 24
202.179.27.0/24 maxlen: 24
202.179.28.0/24 maxlen: 24
202.179.29.0/24 maxlen: 24
202.179.30.0/24 maxlen: 24
202.179.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5911 (0x1717)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Validity
Not Before: Feb 28 03:23:58 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63fd73ce-d804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ee:ee:0a:61:3b:44:a0:bd:9b:79:f5:b3:cd:
55:45:e5:1b:53:e3:52:40:ea:e7:79:d2:3c:13:7f:
87:60:7b:78:d3:18:e4:18:a6:76:37:27:c1:d5:c9:
f4:e2:8e:19:d9:9d:d8:95:e6:61:a6:ce:16:f1:c0:
db:42:95:64:17:b4:65:76:f2:27:b2:1f:62:ff:5f:
3c:8b:24:5d:00:15:f4:5f:ac:03:96:e7:e7:3f:1b:
44:d5:80:77:b7:df:d0:4c:11:f0:cc:35:9b:68:5a:
dd:50:54:eb:cb:85:dc:35:55:37:ac:bb:26:fc:65:
c5:8c:03:b2:f3:a7:57:a7:f7:14:62:94:68:b3:91:
5c:d2:5e:0c:15:be:48:fe:3f:4e:70:ba:89:4c:d9:
5c:72:35:56:f7:b3:73:53:f6:94:4e:77:00:9e:a7:
56:b4:1f:78:45:e6:47:39:f2:eb:65:28:f4:ea:4f:
c8:bf:db:03:ad:2f:2f:de:81:95:a8:00:16:90:b0:
24:9c:13:31:bd:c5:02:30:87:4e:b6:24:14:e0:b3:
e6:9c:20:7b:1a:a2:b9:b0:92:d7:bd:6c:fc:53:f7:
1c:02:a1:6f:b2:8d:9f:45:e7:fe:6d:88:fb:e3:e0:
8a:0b:d1:92:22:66:d9:19:7f:7f:47:6e:01:80:9a:
65:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:95:3D:F1:28:B9:7D:35:BE:55:65:6E:5B:B8:BC:31:A7:C9:9C:6E
X509v3 Authority Key Identifier:
keyid:0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BFFBA622B71111EDAE7B3819C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.242.44.0/22
202.179.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a0:cc:ea:ac:ed:25:51:b1:25:44:5d:8f:3c:e2:30:bb:ba:b9:
cc:8f:7d:c4:7a:35:4b:e8:e3:ef:20:ea:d8:26:11:f7:f7:fc:
fd:68:99:a7:6b:a0:4c:e0:33:46:f6:fe:58:dc:9b:93:c2:20:
51:f5:93:25:4d:8a:f4:85:c1:a2:7c:84:bc:96:f6:02:87:c3:
db:8d:ed:b3:e1:63:c6:2e:a4:a6:d5:74:ef:c4:5b:9f:67:75:
8c:58:fe:b8:ec:fc:37:7e:91:95:c8:a8:17:cc:fa:57:8f:5a:
4b:10:4c:22:07:ac:86:8d:71:2c:3b:d5:ff:8b:94:60:19:9a:
85:46:a9:15:13:58:45:95:1a:41:8e:e2:f7:6f:ee:7d:62:43:
d8:54:ca:22:35:4a:4d:d0:50:30:d5:5d:a9:1f:2d:6e:6d:81:
49:08:79:3e:03:20:69:47:e2:05:31:f2:80:6f:ac:ed:96:df:
1c:77:15:ef:c9:70:66:e8:de:6e:c5:73:88:ed:3c:88:03:fb:
e7:cd:0d:45:f1:85:91:c7:22:a5:f7:8b:72:c8:a3:da:46:19:
37:f1:a9:18:75:55:40:5a:ef:ce:47:2e:04:92:f5:f8:d7:0b:
9e:fd:f1:e5:9c:5d:aa:12:9c:c3:fb:28:e8:0b:83:b9:73:1c:
5b:ce:3b:7d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzZBRkQxMTAvBgNVBAUTKDBBNDIyQTYzOTdEOEVCNkNCMzU3NzUyOTdDRUI1NUE1
RTE4RkUxRTIwHhcNMjMwMjI4MDMyMzU4WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZkNzNjZS1kODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9e7uCmE7RKC9m3n1s81VReUbU+NSQOrnedI8E3+HYHt40xjkGKZ2NyfB1cn0
4o4Z2Z3YleZhps4W8cDbQpVkF7RldvInsh9i/188iyRdABX0X6wDlufnPxtE1YB3
t9/QTBHwzDWbaFrdUFTry4XcNVU3rLsm/GXFjAOy86dXp/cUYpRos5Fc0l4MFb5I
/j9OcLqJTNlccjVW97NzU/aUTncAnqdWtB94ReZHOfLrZSj06k/Iv9sDrS8v3oGV
qAAWkLAknBMxvcUCMIdOtiQU4LPmnCB7GqK5sJLXvWz8U/ccAqFvso2fRef+bYj7
4+CKC9GSImbZGX9/R24BgJplJwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDGVPfEo
uX01vlVlblu4vDGnyZxuMB8GA1UdIwQYMBaAFApCKmOX2Otss1d1KXzrVaXhj+Hi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkFGRC81QkIyMjMwQTky
RjgxMUU3ODRDQTBFNUNDNEY5QUUwMi9Da0lxWTVmWTYyeXpWM1VwZk90VnBlR1A0
ZUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrSXFZNWZZNjJ5elYzVXBmT3RWcGVHUDRlSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzZBRkQvNUJCMjIzMEE5MkY4MTFFNzg0Q0EwRTVDQzRGOUFFMDIvQkZGQkE2MjJC
NzExMTFFREFFN0IzODE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn8iwDBAXKswAwDQYJKoZIhvcNAQELBQADggEBAKDM6qzt
JVGxJURdjzziMLu6ucyPfcR6NUvo4+8g6tgmEff3/P1omadroEzgM0b2/ljcm5PC
IFH1kyVNivSFwaJ8hLyW9gKHw9uN7bPhY8YupKbVdO/EW59ndYxY/rjs/Dd+kZXI
qBfM+lePWksQTCIHrIaNcSw71f+LlGAZmoVGqRUTWEWVGkGO4vdv7n1iQ9hUyiI1
Sk3QUDDVXakfLW5tgUkIeT4DIGlH4gUx8oBvrO2W3xx3Fe/JcGbo3m7Fc4jtPIgD
++fNDUXxhZHHIqX3i3LIo9pGGTfxqRh1VUBa785HLgSS9fjXC5798eWcXaoSnMP7
KOgLg7lzHFvOO30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org